Pearcleaner is a free, source-available and fair-code licensed mac app cleaner
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Executive Summary:
A critical vulnerability has been identified in the react-native-bottom-tabs library, affecting versions 0.9.2 and below. The flaw resides within a GitHub Actions workflow, which can be manipulated by an attacker to inject malicious code into the software build process. This could lead to a supply chain attack, where applications using this library are unknowingly distributed with malicious code, potentially compromising end-user data and systems.
Vulnerability Details
CVE-ID: CVE-2025-54594
Affected Software: react-native-bottom-tabs (and by extension, multiple downstream products that use this library)
Affected Versions: Versions 0.9.2 and below
Vulnerability: The vulnerability exists in the github/workflows/release-canary.yml GitHub Actions workflow. This workflow improperly handles context from pull requests, allowing for command injection. An unauthenticated attacker can craft a malicious pull request with specially formatted branch names or commit messages. When the workflow is triggered, these malicious strings are used in a script or command line environment without proper sanitization, leading to arbitrary code execution on the build runner. This compromise allows an attacker to alter the release artifacts, embedding malware or backdoors into the compiled library that is then published for developers to use.
Business Impact
This vulnerability is rated critical with a CVSS score of 9.1, reflecting its severe potential impact. Successful exploitation would result in a supply chain compromise, a highly effective attack vector. If your organization's applications use the vulnerable library, they could be trojanized to steal sensitive corporate or customer data, deploy ransomware, or use your infrastructure for further attacks. The consequences include significant reputational damage, loss of customer trust, regulatory fines for data breaches, and substantial financial costs associated with incident response and remediation.
Remediation Plan
Immediate Action:
react-native-bottom-tabs library.
Proactive Monitoring:
Compensating Controls:
release-canary.yml workflow in your fork of the repository to prevent exploitation.
Exploitation Status
Public Exploit Available: false
Analyst Notes:
As of August 6, 2025, there are no known public exploits or active exploitation campaigns targeting this vulnerability. However, vulnerabilities in CI/CD pipelines are highly valued by threat actors for supply chain attacks. Due to the straightforward nature of the likely attack vector (e.g., a malicious pull request), proof-of-concept (PoC) code could be developed and released quickly. Any exploitation would result in a compromised version of the library, making it difficult to detect without deep binary analysis.
Analyst Recommendation
Given the critical severity (CVSS 9.1) and the potential for a high-impact supply chain attack, this vulnerability requires immediate attention. We strongly recommend that all teams immediately initiate the remediation plan. The highest priority is to identify all instances of the react-native-bottom-tabs library and update them to a patched version. Although this CVE is not currently on the CISA KEV list, its critical nature warrants treating it with the same level of urgency as a known exploited vulnerability. A post-remediation audit of CI/CD security practices and dependency management is also advised to prevent similar issues in the future.
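Supporting the CI/CD audit recommended above, an added example (not part of the advisory or the react-native-bottom-tabs project): a Python checker that flags `run:` steps expanding pull-request context such as `github.head_ref` or the PR title straight into the shell, the injection pattern the advisory describes, beside the hardened form that passes the value through `env:`. The sample workflows are constructed and the `release-canary` name is used only as a label.

```python
import re

# PR context an outside contributor controls; it is expanded before the shell parses the command.
UNTRUSTED = re.compile(
    r"\$\{\{\s*github\.(?:head_ref|event\.pull_request\.(?:title|body|head\.(?:ref|label))"
    r"|event\.head_commit\.message)\s*\}\}"
)
RUN_KEY = re.compile(r"^(\s*)(?:-\s+)?run:\s*(.*)$")

def find_injection_risks(workflow_text: str) -> list:
    """Return (line_no, expression) for each run: script line interpolating untrusted PR context."""
    findings = []
    block_indent = None  # indent of the run: key while inside a block scalar (| or >)
    for no, line in enumerate(workflow_text.splitlines(), 1):
        m = RUN_KEY.match(line)
        if m:
            key_indent, value = len(m.group(1)), m.group(2).strip()
            if value in ("|", ">", "|-", ">-"):
                block_indent = key_indent  # script body follows on deeper-indented lines
                continue
            block_indent, script = None, value
        elif block_indent is not None and (not line.strip() or len(line) - len(line.lstrip()) > block_indent):
            script = line  # continuation line of a block scalar
        else:
            block_indent = None
            continue
        findings.extend((no, e.group(0)) for e in UNTRUSTED.finditer(script))
    return findings

# Constructed samples, not the project's real workflow. Quoting inside the script does
# not help: the expression is substituted before the shell ever sees the quotes.
VULNERABLE = """\
name: release-canary
on: pull_request_target
jobs:
  canary:
    steps:
      - run: echo "Building canary for ${{ github.head_ref }}"
      - run: |
          TITLE="${{ github.event.pull_request.title }}"
          echo "$TITLE"
"""
# Hardened form: the value reaches the shell only as data, via an environment variable.
HARDENED = VULNERABLE.split("    steps:")[0] + """\
    steps:
      - env:
          HEAD_REF: ${{ github.head_ref }}
        run: echo "Building canary for $HEAD_REF"
"""
```

Running the checker over a repository's `.github/workflows` directory gives a quick inventory of steps that need the same `env:` rewrite; it is a line-based scan, so unusual YAML layouts may still need manual review.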